Mozilla Dials Back on Firefox Opportunistic Encryption

http://www.eweek.com/imagesvr_ce/5035/290_SecurityExperts.jpg

Mozilla has had a change of heart regarding opportunistic encryption—for now. The company rolled out its open-source Firefox 37 Web browser on March 31, with one of the key new features being a capability known as opportunistic encryption. However, due to a security issue related to opportunistic encryption, Mozilla disabled the feature in the Firefox 37.0.1 update released April 3.

The security issue is located in Mozilla’s HTTP Alternative Services (Alt-Svc) implementation, which is connected to the opportunistic encryption capability.

Tags: 

Read more: Mozilla Dials Back on Firefox Opportunistic Encryption

Story added 7. April 2015, content source with full text you can find at link above.